package com.gavin.export.utils;

import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Arrays;

/***
 * 国密算法SM4-对称加密
 * @author gangwei.chen
 * @version V1.0.0
 * @date 2022-10-12 08:57:49
 */
@Slf4j
public class GuoMiSM4Utils {
	static {
		Security.addProvider(new BouncyCastleProvider());
	}

	private static final String ENCODING = "UTF-8";
	public static final String ALGORITHM_NAME = "SM4";
	// 加密算法/分组加密模式/分组填充方式
	// PKCS5Padding-以8个字节为一组进行分组加密
	// 定义分组加密模式使用：PKCS5Padding
	public static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";
	// 128-32位16进制；256-64位16进制
	public static final int DEFAULT_KEY_SIZE = 128;

	/**
	 * 生成ECB暗号
	 * 
	 * @explain ECB模式（电子密码本模式：Electronic codebook）
	 * @param algorithmName 算法名称
	 * @param mode          模式
	 * @param key
	 * @return
	 * @throws Exception
	 */
	private static Cipher generateEcbCipher(String algorithmName, int mode, byte[] key) throws Exception {
		Cipher cipher = Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);
		Key sm4Key = new SecretKeySpec(key, ALGORITHM_NAME);
		cipher.init(mode, sm4Key);
		return cipher;
	}

	/**
	 * 自动生成密钥
	 * 
	 * @explain
	 * @return
	 * 
	 */
	public static byte[] generateKey() throws Exception {
		return generateKey(DEFAULT_KEY_SIZE);
	}

	// 加密******************************************
	/**
	 * @explain 系统产生秘钥
	 * @param keySize
	 * @return
	 * @throws Exception
	 */
	public static byte[] generateKey(int keySize) throws Exception {
		KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME);
		kg.init(keySize, new SecureRandom());
		return kg.generateKey().getEncoded();
	}

	/**
	 * @explain 系统产生秘钥
	 * @return
	 * @throws Exception
	 */
	public static String generKey() throws Exception {
		return ByteUtils.toHexString(generateKey()).toUpperCase();
	}

	/**
	 * sm4加密
	 * 
	 * @explain 加密模式：ECB 密文长度不固定，会随着被加密字符串长度的变化而变化
	 * @param hexKey   16进制密钥（忽略大小写）
	 * @param paramStr 待加密字符串
	 * @return 返回16进制的加密字符串
	 * @throws Exception
	 */
	public static String encryptEcb(String paramStr,String hexKey) {
		try {
			String cipherText = "";
			// 16进制字符串-->byte[]
			byte[] keyData = ByteUtils.fromHexString(hexKey);
			// String-->byte[]
			byte[] srcData = paramStr.getBytes(ENCODING);
			// 加密后的数组
			byte[] cipherArray = encrypt_Ecb_Padding(keyData, srcData);
			// byte[]-->hexString
			cipherText = ByteUtils.toHexString(cipherArray);
			return cipherText;
		} catch (Exception e) {
			e.printStackTrace();
			log.error(e.getMessage(),e);
		}
		return null;
	}

	/**
	 * 加密模式之Ecb
	 * 
	 * @param key
	 * @param data
	 * @return
	 * @throws Exception
	 */
	public static byte[] encrypt_Ecb_Padding(byte[] key, byte[] data) throws Exception {
		Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);// 声称Ecb暗号,通过第二个参数判断加密还是解密
		return cipher.doFinal(data);
	}

	// 解密****************************************
	/**
	 * sm4解密
	 * 
	 * @explain 解密模式：采用ECB
	 * @param hexKey     16进制密钥
	 * @param cipherText 16进制的加密字符串（忽略大小写）
	 * @return 解密后的字符串
	 * @throws Exception
	 */
	public static String decryptEcb(String cipherText, String hexKey) {
		try {
			// 用于接收解密后的字符串
			String decryptStr = "";
			// hexString-->byte[]
			byte[] keyData = ByteUtils.fromHexString(hexKey);
			// hexString-->byte[]
			byte[] cipherData = ByteUtils.fromHexString(cipherText);
			// 解密
			byte[] srcData = decrypt_Ecb_Padding(keyData, cipherData);
			// byte[]-->String
			decryptStr = new String(srcData, ENCODING);
			return decryptStr;
		} catch (Exception e) {
			e.printStackTrace();
			log.error(e.getMessage(),e);
		}
		return null;
	}

	/**
	 * 解密
	 * 
	 * @explain
	 * @param key
	 * @param cipherText
	 * @return
	 * @throws Exception
	 */
	public static byte[] decrypt_Ecb_Padding(byte[] key, byte[] cipherText) throws Exception {
		Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.DECRYPT_MODE, key);// 生成Ecb暗号,通过第二个参数判断加密还是解密
		return cipher.doFinal(cipherText);
	}

	/**
	 * 校验加密前后的字符串是否为同一数据
	 * 
	 * @explain
	 * @param hexKey     16进制密钥（忽略大小写）
	 * @param cipherText 16进制加密后的字符串
	 * @param paramStr   加密前的字符串
	 * @return 是否为同一数据
	 * @throws Exception
	 */
	public static boolean verifyEcb(String hexKey, String cipherText, String paramStr) throws Exception {
		// 用于接收校验结果
		boolean flag = false;
		// hexString-->byte[]
		byte[] keyData = ByteUtils.fromHexString(hexKey);
		// 将16进制字符串转换成数组
		byte[] cipherData = ByteUtils.fromHexString(cipherText);
		// 解密
		byte[] decryptData = decrypt_Ecb_Padding(keyData, cipherData);
		// 将原字符串转换成byte[]
		byte[] srcData = paramStr.getBytes(ENCODING);
		// 判断2个数组是否一致
		flag = Arrays.equals(decryptData, srcData);
		return flag;
	}

//	public static void main(String[] args) {
//		try {
//			System.out.println("开始测试SM4加密解密====================");
//
//			String json = "{\"name\":\"静瑶\",\"描述\":\"测试SM4加密解密测试SM4加密解密\"}";
//
//			System.out.println("加密前：" + json);
//			// 自定义的32位16进制秘钥
//			String key = "F9FE3257903575CF659CEF931BAB852E";
//			String cipher = GuoMiSM4Utils.encryptEcb(json,key);// sm4加密
//			// String cipher2 = GuoMiSM4.encryptEcb(key,json);//sm4加密
//			System.out.println("加密后：" + cipher);
//
//			System.out.println("校验：" + GuoMiSM4Utils.verifyEcb(key, cipher, json));// 校验加密前后是否为同一数据
//			json = GuoMiSM4Utils.decryptEcb(cipher,key);// 解密
//			System.out.println("解密后：" + json);
//			System.out.println("结束===================");
//
//			System.out.println(GuoMiSM4Utils.generKey());
//		} catch (Exception e) {
//			e.printStackTrace();
//		}
//	}

	public static void main(String[] args) {
		String securityKey = "17536AA8298D073537E95C754BB5EFDD468CE82FD4BB4CEE7E8009B8EB52F7FC";
		securityKey = securityKey.substring(16, 48);
		String phone = "18049147312";
		String cipher2 = GuoMiSM4Utils.encryptEcb(phone,securityKey);
		System.out.println("加密后：" + cipher2);
		String s = GuoMiSM4Utils.decryptEcb(cipher2, securityKey);
		System.out.println(s);
	}

}
